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L  C  F 


1 .  Introduc  tion 

The  logic  of  computable  functions  proposed  by  Dana  Scott  in  l'fc?, 
in  an  unpublished  note,  has  since  been  the  subject  of  an  interactive 
proof-checking  program  designed  as  a  first  step  in  formally  based  machine- 
assisted  reasoning  about  computer  programs.  This  implementation  is 
fully  documented  in  1] ,  and  its  subsequent  applications  are  reported  in 
later  papers  [2,3,4,  and  5]  •  However  the  model  theory  of  the  logic, 
which  scott  originally  supplied,  is  not  discussed  in  those  papers,  and 
the  purpose  of  this  Memorandum  is  to  present  that  theory.  Nothing  is 
added  here  to  Scott's  work.  The  concept  of  a  continuous  function,  whj.ch 
is  central  to  the  theory,  has  since  been  developed  by  him  to  provide 
models  for  the  \-calculus  and  to  yield  his  mathematical  theory  of 
continuous  lattices;  the  interested  reader  can  follow  these  topics  in 
Scott  (  .  However,  since  LCF  is  only  a  version  of  the  typed  \-calculus, 

these  developments  are  not  necessary  for  the  present  purpose,  and  the 
present  paper  contains  all  that  is  needed  to  understand  LCF. 


Definition  2.2  For  a  po  (D,£),  a  set  X  c  D  is  a  chain  if  X  = 


Definition  2 A  po  (D,£.)  is  a  complete  partial  order  (cpo)  if 

(1)  It  has  a  minimum  element,  which  we  denote  by 
J_D  ,  or  just  X  if  there  is  no  confusion. 

(2)  Every  chain  X  £  D  has  a  least  upper  bound  (lub) 
iri  D,  which  we  denote  by  UX. 


Definition  2.4  If  D  and  E  are  cpo's,  then  a  function  f  :  D  -»  E 
is  co ntinuous  if  every  chain  X  £  D  satisfies 
l_l£f(x)  :  x€X}  =  f(UX). 


Thus  a  continuous  function  is  one  which  preserves  the  lubs  of 
chains.  Note  that  the  set  on  the  lefthand  side  of  the  above  equation 

is  a  chain,  since  if  X  =  Cxq.x^ _ ]  and  xQ  C  x  c  . 

then  we  also  have  f(x^)  S. . To  see  this,  we  only  need  to 


2 .  Continuous  Function  Domains 

In  this  section  we  define  a  particular  sort  of  partially  ordered 
domain,  called  a  complete  partial  order  (cpo),  and  the  concept  of 
continuous  function.  We  prove  some  propositions  for  later  use;  in 
particular,  that  if  D  and  E  are  cpo's,  then  the  set  of  continuous 
functions  from  D  to  E  is  itself  a  cpo. 

Definition  2 . 1  A  partial  order  (po)  is  a  pair  (D,c)  where  D  is  any 
set  (domain)  and  c  is  a  transitive,  reflexive  ,  antisymmetric  relation 
over  D. 
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observe  that  any  continuous  function  is  mcnotonic  -  that  is, 

X-y  *  f  X  Ef^)’  and  this  is  true  because  if  y  is  the  chain  {xEy} 
then  UY  =  y,  so  we  have  f  (x)  c  U(  f  (x) ,  f  (y))  =  f  ((jy )  =  f(y). 

We  should  also  note  that  there  is  an  alternative  (more  restrictive) 
definition  of  a  epo  which  uses  the  concept  of  directed  set  (X  is  directed 
iff  x.yex  =>  3  z€X.x,yEZ)  instead  of  chain.  This,  in  turn,  leads  to  an 
alternative  more  restrictive)  definition  of  continuous  function.  We  have 
chosen  the  less  restrictive  alternative,  but  we  remark  that  the  theory  can 
be  done  equally  well  as  far  as  we  are  here  concerned)  with  either  definition 
Xotice  that  we  use  the  same  symbol  c  for  the  relation  in  every  po 
under  discussion.  This  should  give  no  difficulty.  We  also  use  names 
like  D  and  E  both  for  po's  and  for  their  domains. 

Dcy_i_nition - _  We  denote  the  set  of  continuous  functions  from  D  to 

E,  where  these  are  epo's  ,  by  L D  — >  E  . 

If  d  and  E  are  epo's  then  F  =  [  D  -»  E]  is  a  epo 

under  the  relation 

f  eg  iff  Yx  •  f(x)cg(x) 


Proof 


First,  F  is  is  a  po  under  this  relation  (check. 


reflexivity,  transitivity  and  antisymmetry) .  Second,  the  minimum  element 
If  of  F  is  easily  seen  to  be  \x.lg.  Finally,  we  need  that  any  chain 

Z  =  f  h3S  3  lub  LZ€F*  Define  L'Z  =  Xx-Uff(x)  :  fez).  This  is  a  well- 
defined  function  since  for  each  x  in  D,  i f (x)  :  f€Z)  is  easily  seen 
to  be  a  chain  in  E.  Next,  it  bounds  above  every  feZ ,  since  for  each 
xe°,  f  x)  EU{  f  (x)  :  fez)  =  (Uz )  (x) .  Further,  it  is  a  lub,  since  if  h  is 
any  other  upper  bound  for  Z,  then  for  each  xeD  and  feZ,  we  have 
f  x  £h(x);  it  follows  that  (UZ)(x)ch(x),  and  hence  UZch. 


But  we  must  also  show  that  UZeF , 


i.e.  , 


LIZ  is  continuous . 


Let  X  s  D  be  a  chain.  We  require 


(UZ)(L!X)  =  LJ  {(UZ)(x)  :  x£Xj  , 

But  (,UZ)  (UX)  =  U[f(UX)  :  f£Z]  by  the  definition  of  UZ. 

=  U{f(x)  :  f£Z,x£X] 

=  LJ{  (LZ)  (x)  :  x£Xj  . 

This  completes  the  proof.  2 


Proposition  2.2  For  any  cpo  D,  every  f£[  D  ->  D]  has  a  minimum 
fixed-point  Yf£D  -  i.e.  we  have  f(Yf)  =  Yf  and  for  all  x£D, 
f(x)  =  x  implies  YfCx. 

Remark  This  proposition  ensures  the  existence  of  the  least 

fixed-point  operator  Y  :  [D  — >  D]  — »  D.  The  next  proposition  shows  that 
Y  is  continuous,  i.e.  Y£[  [  D  -»  D]  -»  D]  . 

P.F9.9.1  The  set  S  =  {f^(l^)  :  0  <  ij  is  a  chain  by  the 

monotonicity  of  f.  Define  Yf  =  US.  By  the  continuity  of  f,  we  have 
v  i+l 

f  Yf)  =  Lj If  (Ip)  :  0  <  ij  =  Yf,  so  Yf  is  a  fixed-point  of  f.  Let  x 

be  any  other  fixed-point.  Now  by  the  monotonicity  of  f  we  have 
f(-*-D)  £  f(x)  =  x,  and  by  induction  on  i  we  can  show  f^^J^jCx  for 
all  i  >  0,  lo  Yf  =  u£ f  (-Lq)  •  0  <  i}  C  x,  and  thus  Yf  is  the 
minimum  fixed -point  of  f.  371 


Proposition  2 '.  \  Y  is  continuous,  so  Y£[[D-»D]  ->  D] 

Proof  Let  Z  be  any  chain  S  [D  ->  D]  .  We  must  show  that 

Y(UZ)  =  Ll{Y f  :  f£Zj  .  In  one  direction  (3  )  proof  is  easy  since  for  each 
f£Z,  UZ3f,  so  Y (|_IZ )  3  Yf  by  the  monotonicity  of  Y  which  in  turn 
follows  directly  .rom  the  definition  of  Yf.  In  the  other  direction  we 
only  need  to  show  that  U{Yf  :  f£Z)  is  a  fixed-point  of  LIZ,  since  then 


it  dominates  the  least  such,  which  is  Y([JZ).  Now 
UZ(U{Yf  :  fez))  =  U{g(U{Yf  :  fez] )  :  gez) 

=  U{g(Yf)  :  gez,  fez)  by  continuity  of  g. 

=  Uf  f (Y  f )  :  fez),  since 

g(Yf)  C  h(Yh)  where  h  =  max(g,f). 

=  U{ Y f  :  fez) 

which  is  the  required  fixed-point  property.  This  completes  this 


3 •  Pure  LCF  :  Terms 

In  this  section  we  give  the  term  syntax  of  Pure  LCF,  and  then 
after  defining  a  standard  interpretation  as  a  func'ion  from  identifiers 
into  the  union  of  a  family  of  cpo's,  we  show  how  such  an  interpretation 
is  extended  uniquely  to  a  function  from  all  terms  into  the  same  range. 
The  terms  of  Pure  LCF  are  just  those  of  a  typed  \-calculus. 


Types  (1)  ind  and  tr_  are  (basic)  types. 

(2)  If  pi,  p2  are  types  then  (pi  ->  p2)  is  a  type. 

(3)  These  are  all  the  types. 

We  use  p,  pi,  p2 , . . .  to  denote  types,  and  frequently  omit  parentheses, 
assuming  that  associates  to  the  right,  so  that  pi  ->  p2  P3 
abbreviates  (pi  -»  (fl2  -»  P3)). 


Terms 


Each  term  has  a  well  defined  type.  We  use  s,t,u 


to  denote  terms,  and  write  s  :  P  to  mean  that  s  has  type  p. 
xl)  Any  identifier  is  an  (atomic)  term.  We  do  not  need  to  describe  them, 
except  to  say  that  there  are  infinitely  many  at  each  type,  that  the  type 
of  each  is  determined  in  some  way  (perhaps  by  explicit  subscripting),  and 
that  they  include  TT  :  tr,  FF  :  tr  and  the  families  (indexed  by  type) 

UV  *^tr  — >  P  —  >  P  — »  P  and  Y(p  _  p)  _  p-  These  identifiers  are  special 
only  in  that  each  standard  interpretation  will  assign  a  particular  element 
to  each  of  them.  We  use  x,y  to  denote  arbitrary  identifiers. 

(2)  If  s  :  pi  -»  p2  and  t  :  pi  are  terms  then  s(t)  :  p2  is  a  term. 

If  x  :  pi  is  an  identifier  and  s  :  p2  is  a  term,  then  [\x*s]  :  31  _>  g2 
is  a  term. 

(3)  These  are  all  the  terms. 
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Remark  In  the  machine  implementation  of  LCF,  and  often  for 

intelligibility,  we  have  written  terms  of  the  form  =>(s)(t)(u)  and 
Y([\x*s])  respectively  as  (s  — >  t,u)  and  [o?x.s]  ,  and  have  dispensed 
with  z>  and  Y.  It  is  clear  that  every  term  of  implemented  LCF  is  then 
a  transcription  of  a  term  of  Pure  LCF,  and  it  therefore  suffices  to 
discuss  the  semantics  of  the  latter. 


Semantics 


A  standard  model  (of  LCF)  is  a  family  {Dg}  of  cpo's, 


one  for  each  type  g,  where  is  an  arbitrary  cpo,  is  the 

cpo  {tt,ff,_[_^  }  under  the  partial  order  given  by  the  diagram 


\  / 


3nd  Dgl  -»  g2  ^Dgl*^  Dg2J  *  N°te  that  D£nd  completely  determines  a 
standard  model. 

Let  J  be  the  set  of  identifiers  of  Pure  LCF.  A  standard 

interpre ta tion  (of  LCF)  is  a  standard  model  £ D  }  together  with  a 

P 

standard  assignment,  which  is  a  function 

#  ■  J~>  U{Dp} 

which  satisfies  the  further  conditions 

(1) *  01  x  :  g]  e  D 

P 

(2)  The  value  of  Q  for  the  special  identifiers  is  given  by 
the  following: 


We  write  the  (syntactic)  arguments  of  Ct  in  decorated  brackets  as  an 
aid  to  the  eye. 
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a  I  tt  j  =  tt,  a  I  ff  ]  =  ff , 


a  I  uug  E  =  ip, 


a  ^  3tr  -»  p  -»  3  -»  P3  = 


XSeDtr*XTl6D  -XX6D  •(§  -^n.x).  arid 

a  1  Y(P  -»  3)  -»  P11  =  Y(p  ->  3)  -»  3 

where  (g  -»  T],x)  “  the  conditional  -  takes  the  values  ]_,  T|,  x  according 

as  §  =  1  ,  tt,  ff,  and  where  we  have  subscripted  the  fixed-point  operator 

Y  on  the  right  to  indicate  that  it  belongs  to  [  [ D  ->  D  ]  ->  D  ]  .  Note 

P  P  P 

that  the  Y  on  the  left  is  an  identifier,  and  the  Y  on  the  right  a 
function.  It  is  easy  to  check  that  Ct  [[  3  D  is  a  continuous  function, 
and  Proposition  2*3  has  assured  us  that  tf  Y  ]]  is  also  continuous. 

If  O  satisfies  condition  (1)  above,  but  not  necessarily  condition 
(2),  we  call  it  just  an  assignment ,  yielding  an  interpretation  (not 
necessarily  standard).  We  also  confuse  the  terms  assignment  and 
interpretation,  since  we  have  no  occasion  to  discuss  here  different 
standard  models. 

We  write  Q  ,  to  indicate  the  assignment  differing  from  fl  only 

s/x 

in  that  its  value  at  x  is  clearly  we  have  that 


terms 


<Vy  “  x 


y 


(^/x)n/y  1 

\  )-  /  otherwise. 

\ ^  n/y  5/x 

We  now  show  how  to  extend  the  domain  of  an  assignment  d  to  all 
,  preserving  the  condition  that 

a  IE  s  :  3  1  e  Dp 


which  states  not  only  that  <7  respects  types,  but  also  that  (for  composite  types) 
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it  yields  a  continuous  function  over  the  appropriate  domains. 

We  define  O  by  induction  on  the  structure  of  terms,  as  follows: 
£  s(t)  J  =  <7  l  s  J  (tf  (£  t  31 ) 
a  £  [\x.s]  j  =  s  ]]  . 

That  a  respects  types  is  obvious.  That  a  £  s  ]J  £D  for  all  3  and 

P 

s  :  0  is  a  corollary  of  the  following 


Proposition  3. 1  For  each  assignment  Cl  and  for  each  x  :  pi, 
S  :  B2,  \;£Dpl-  <7;/x  |[  S  1  £[Dpr  d02)  . 


-~Q--Q —  First,  suppose  s  is  an  atomic  term,  i,e.  an 

identifier.  Either  s  =  x,  in  which  case  pi  =  32  and  *  O  /  I  s  ]J 

is  the  identity  function  over  D^,  or  s  f  x  in  which  case  it  is  a 

constant  function  from  to  .  In  either  case  it  is  a  continuous 

function,  hence  €[Dq1  D  J  . 

pi  P2 

Next  suppose  s  is  t(u),  t  :  33  ->  p2  and  u  :  33.  Assume  the 
proposition  for  t  and  u.  We  have  to  show  that  for  any  chain  X  c  D 

Rl’ 

Utfyxt  :  SexJ  =  ^yx/x^  that  is*  that 

ut V1  c  3 (W " 3  > :  «e!«  -  v1  c  1 V-1  u  3  >  • 

Now  if  we  denote  •  <7§/x£  t  J  and  X§ .  <7§/x£  u  J  by  f  and  g,  the 
inductive  assumption  tells  us  that  fe[] Dpl  -  [  D^]  ]  and  ge[Dpl-  D  ]  , 

and  the  required  equation  merely  states  that  for  such  f  and  g, 
X?.f(S)(g(S))  is  continuous.  The  proof  of  this  we  leave  to  the  reader; 


it  is  hardly  more  than  proving  that  for  a  chain  X,  ff(g)  (g(g))  :  §ex} 
and  li(l)(g(Tl))  :  §  ,T]€X3  are  cofinal  chains. 

Finally,  suppose  s  is  [\y.t],  y  :  33, t  :  34  and  32  =  P3  _»  34 . 
We  need  to  show  tha  t 
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l56V  W  Uy't]  3  €[Dsr  [dkt  V11 

that  is,  that  for  any  chain  X  c  D  , 

01 

U  !W>s3-(l75/lt)VyCt]|  :  56X}  - 

»V(V*Vyi  t3 

No„  in  the  case  x  =  y,  we  have  -  ^/y 

and  the  equation  reduces  to  a  tautology.  If  x  |=  y  ,  then  ((7  ,  )  = 

'5/x  Ti/y 

^n/y)§A'  and  the  inductive  hypothesis  (that  the  proposition  is  true  for 
t)  tells  us  that  t  JJ  is  continuous  -  hence  monotonic  - 


so 


(  tU)  Is  a  chain  in  ,  for  each  T).  Moreover,  the 


0^ 


inductive  hypothesis  also  tells  us  that  for  each  §  XTl  •  (<7  /  )  /  I  t  J 

»/  ^  N/y 


is  in  [D^  ->  D  ,  and  by  the  previous  remark  the  set  of  these  functions  - 
as  §  ranges  over  X  -  is  a  chain  in  [ D^->  D^]  .  Thus  by  the  definition 
of  U  for  function  spaces  (Proposition  2.1)  we  can  replace  the  lefthand 
side  of  the  desired  equation  by 


VneD33  •  U  ((<fyy)g/xl[tj  :  §ex] 

=  XTleD33  •  ^Ti/y^x/x^ 1 

=  xy£D33  •  Hjx/xVyCt:B  since  x  ^  y 

and  we  are  done.  We  have  therefore  proved  the  proposition  by  induction 
on  the  structure  of  terms.  ra 


Corollary  5.2 

For  every  assignment  a ,  type  p,  and  term  s  :  p^sj  e  D  , 

0 

Proof  For  atomic  terms  the  corollary  is  assured  by  the  definition  of 
an  assignment.  For  terms,  the  proposition  gives  the  corollary  directly. 
For  an  application  term  s(t)  :  p,  the  proposition  tells  us  that 
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so  by  application  to  a  (L  x3  we  get 


as  required 


4 .  Pure  LCF  :  Formulae . Sen tences  ,  Rules  and  Validity 


In  this  section  we  define  the  remainder  of  the  syntax  of  Pure  LCF, 
extending  the  domain  of  assignments  C  still  further,  and  after  defining 
the  concept  of  validity  of  a  sentence  we  give  the  rules  of  inference  and 
show  that  they  preserve  validity. 


Atomic  well-formed  formulae  (awffs) 

If  s,t  :  p  are  terms,  then  s  c  t  is  an  awff.  Let  us  add  the 
truth  values  T,F  (not  to  be  confused  with  XT,  FF)  to  the  range  of 
an  assignment,  and  extend  any  O  to  awff::  by 

tfCsCtJ  =^T  if  <7(H.s3!cd7[[tJ 

^F  otherwise 


We  11 -formed  formulae  (wffs) 

A  wff  is  a  set  of  awffs.  We  use  P,Q,P1 ,Q1 ,  . .  .  , 
arbitrary  wffs.  Extend  to  wffs  by 

tf[P]  ={t  if  ASP  ^  £A  J  =  T 
^F  otherwise. 

We  use  s  =  t  to  abbreviate  {s  c  t,  t  c  s  }. 


to  denote 


Sentences 


If  P,Q  are  wffs,  then  PH  Q  is  a  sentence  (if  P  =  0 ,  we  just 
write  (-  Q) .  Extend  Cl  to  sentences  by 

a  [PH-QID  =  |f  if<7I£PlI  =  T,<7(£Qj  =F 

otherwise. 

We  say  that  PHQ  is  false  in  (7  ,  true  in  O  respectively.  We  say  that 

a  sentence  is  valid  iff  it  is  true  in  all  standard  interpretations. 

We  now  introduce  the  rules  of  inference  of  Pure  LCF,  accom tanying 

each  by  a  proof  -  often  very  trivial  -  that  it  is  valid  (a  rule  is  valid 
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, 


if  whenever  its  hypotheses  are  valid  its  conclusion  is  valid).  The 
proofs  will  rely  on  two  facts  about  assignments  which  are  fairly  easy 
to  prove  (we  omit  their  proofs).  First,  if  A  is  any  syntactic  entity 
in  the  domain  of  an  assignment  a  ,  and  x  is  not  fre^  in  A,  then 
tfEAj  is  independent  of  tfflLxJ;  more  precisely,  <7^ /yJ[  A  J  =  n  £ , 
Second,  in  specifying  the  inference  rules  we  use  Aft /x)  to  mean: 
Substitute  t  for  x  in  A  with  suitable  changes  of  bound  variables 
so  that  no  identifier  free  in  t  becomes  bound  after  the  substitution, 
and  we  need  the  fact  that  £a  { t/x)  ]  =  ^  £  1 1/yJL  A  J  . 

Rules  of  Inference 

Me  write  the  hypotheses  of  each  rule  above  a  solid  Hue.  If  there 
are  none,  we  omit  the  solid  Hue.  We  use  the  same  names  for  rules  as  in 


I 


p  *~Q  (Q  Q  P) 

Clearly  P  true  in  a  implies  Q  true  in  a . 

P-b-Q1  _ PhQ2 

P  Q1  U  Q2 

Clearly  valid 


Pit-  P2 


P2t-P^ 


PI  h-  Pj$ 


Clearly  valid, 
t  c  u  t-  s(t)  c  s(u) 

If  tfEtjE^lTuJ,  then  /?  £s  (t)J  =  <7  £  s  JJ  (  «  £  1 1) 
£  <7  (Ls  3(<7  |[u3)  =  a  BCs(u)  J,  using 
the  monotonicity  of  Q  (E  s  3)  . 


REFL 


f-  s  C  s 


Clearly  valid,  fay  reflexivity  of  c 
TRANS  set,  tcu  i-  sCu 

Clearly  valid  by  transitivity  of  Cl 
MINI  h  UU  C  s 

Clearly  valid,  by  the  minimality  of  J. 

3 

MIN2  h  UU(s)  CUU 

Clearly  valid,  by  the  definition  .L  =  \|6pl.  1 

pi  — >  p2  (32 

Note  that  in  the  last  two  rules  we  have  omitted  the  type  subscripts  from 
UU ,  intending  that  they  be  supplied  in  such  a  way  as  to  yield  a  proper 
awff  -  i.e,  that  the  terms  on  either  side  should  have  the  same  type.  We 
could  have  written  UUpl  ^  ^(s  :  pi)  C  UU  .  Similarly  we  will  omit 
subscripts  from  3  and  Y. 


CONDT 

h- 

=5  (TT)(s)(t) 

=  s 

CONDU 

h 

3  (uu)(s) (t) 

=  UU 

CONDF 

h- 

=>  (FF )  (s)  ( t) 

=  t 

These 

rules  are  justified  by 

the  standard  interpretation 

ABSTR 

P 

H  set 

x  not  free  in  P. 


P  t“  [  Xx.s]  c  [\x  .  t  ] 

Let  be  such  that  @  jd  P  =  T.  Since  x  is  not  free  in  P, 
we  have  also  Pj  =  T  for  any  § .  So  the  hypotheses  of  the  rule 

assures  us  that  for  each  §  in  Dp ,  where  x  :  g,  G^/JL  s]  =  n  /J_  t  .  Hence 
XI  .^/xC  s  1  E  X§  *(^yxlL  t  J  ,  which  is  to  say  that 
a  C  [xx.s]  c  [xx.t] j  =  T  ,  as  required  . 

CONV  I-  [Xx.s]  (t)  =  s{t/x} 
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We  have  that  Q  UXx.s  ]  ( t )  3  =  (X§  .<7-  ,  l  s  3  )  (<7  IE  t  U  ) 

w  x 

=  ^  £  t  J/X1LS3]  »  which  is  equal  to  O  C s{  t/x}  3  by 
the  second  of  the  facts  about  assignments  which  we  have  assumed. 

ETACONV  |—  [\x.y(x)]  =  y,  y  distinct  from  x 

&  E  [ Xx.y (x) ]  3  =  X§.<7s/xILy(x)3  =  X§.^/xlIyll(^/xirx]I) 

=  (L  y  ID  (f )  (  since  x  is  distinct  from  y,  so  does  not 

occur  free  in  y),  =  £7[£yJ. 


CASES 


p,  S  H  IT  l-Q  P,  s  s  UU|—  Q 


P,  S  =  FF  |—  Q 


PhQ 


Let  a  be  such  that  tffllPj  =  T.  Since  s  :  tr,  C7  [£  must 

take  one  of  the  values  {  tt ,  1^,  f f}  ,  so  that  one  of  a  (£s  a  TT  J  , 

&  Es  5  uu3,  C7CQs  5  FFjl  takes  the  value  T.  The  validity  of  the 
appropriate  hypothesis  ensures  tfjLQlD  =  T. 


FIXP.  HY(x)  h  x (Y (x) ) 

Clearly  valid  by  the  standard  interpretation  of  Y. 

INDUCT.  P  h-  QlUU/x}  P  U  Qb"  Q{  s  (x)  /  x] 

P  >-Q{Y(s)/x} 

x  not  free  in  P  or  s 

For  simplicity,  we  consider  just  the  case  that  Q  is  an  awff. 

Moreover  we  can  assume  that  it  is  of  the  form  t(x)  C  u(x)  where  x  is 

not  free  in  t  or  u,  since  for  any  term  t\  tfJLt'J  =  a  £  [  Xy .  t '  [y/xj  ]  (x)  ]  , 

y  distinct  from  x,  and  then  x  is  not  free  in  [\y.t/{y/x}]  .  Let  Ct 

be  a  standard  assignment,  a  £  Pj  =  T,  and  assume  that  a  £  s  J  =  f, 

^  C  t  3  =  g,  C7  JLuJl  =  h.  We  first  show  by  induction  on  i  that  for 


each  i  >  0,  g  .f'(J^))  E  h(fi(±g)),  where  x  :  (3.  For  i  =  0, 

the  first  hypothesis  gives  that  a  C  Q  J1  =  T.that  is  d  £  t  ]]  (j  ) Ctf  [  u  3  (1 

Xg/x  P  f3‘ 

since  =<  is  not  free  in  t,n),  so  Ch(l().  Now  assume  the 

inequality  for  i.  That  is,  we  assume  *f i )/xC  9  J  -  T .  Since  x  is 

not  free  in  P,  we  also  have  <?fi( ,  )/xt  PJ  -  T,  and  we  deduce  from  the 

second  hypothesis  that  <7fi (J_  ,  ,  E Q  ( s (x)/x)  J  .  T.  Now  a fi,,  C,(x)J- 

3  '  g'/x 

f  f  -Lg)),  since  x  is  not  free  in  s,  =  f1+L(l  ),  so  from  the 

P 

second  fact  which  we  assumed  for  assignments  we  deduce  that  d  4+1  AT  C  H  =  T 

i+1  4  4.1  f  (la)/x 

that  is  g(f  (ig))C  h(f1+1(lp)).  so  the  induction  is  complete. 

Now  dT  m  Q[y  s)  fX]  31  a  (7Y(f)/xCQ3,  which  we  require  to  take  the 

value  T.  That  is,  we  require  g(Y( f ) ) C h(Y( f )) .  But  g(Y(f) )  = 

U{g  f  (J-g))  :  i  >  0]  (by  the  continuity  of  g)  ,  C  L!  { h  ( f 1  (I  ) )  :  i  >  0} 

(by  what  we  have  proved),  C  h(Y(f))  by  the  monotonicity  of  h,  and  the 
justification  is  complete. 


This  completes  also  our  justification  of  the  validity  of  the 
Rules  of  LCF. 
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